Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/OJ7Caf-9EfJNcXvdTBhJ7YzGTCI.roa
File:                     OJ7Caf-9EfJNcXvdTBhJ7YzGTCI.roa (raw, json)
Hash identifier:          GpGPkXp8Fm37h9iBgpDkw8HZqY4U3oENSvkDXvE+uZs=
Subject key identifier:   38:9E:C2:69:FF:BD:11:F2:4D:71:7B:DD:4C:18:49:ED:8C:C6:4C:22
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018844CD5029918EEDCFAE8B04ACEBF9F1F1
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/OJ7Caf-9EfJNcXvdTBhJ7YzGTCI.roa
Signing time:             Mon 22 May 2023 18:51:26 +0000
ROA not before:           Mon 22 May 2023 18:51:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.120.176.0/22 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 13:40:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:44:cd:50:29:91:8e:ed:cf:ae:8b:04:ac:eb:f9:f1:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: May 22 18:51:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=389ec269ffbd11f24d717bdd4c1849ed8cc64c22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5e:88:6b:8f:b7:ca:58:e2:f4:66:e7:fa:5f:
                    4a:3a:74:a4:de:91:e0:66:a0:b0:db:07:db:78:8a:
                    0f:60:bd:c6:64:75:45:e4:3b:06:32:02:48:84:dd:
                    d1:7c:d6:0d:f4:9d:a7:d0:77:b9:a1:fe:cf:cb:2a:
                    47:4d:d0:a7:5c:a0:64:69:ed:6d:c7:79:ab:4f:c2:
                    b6:b0:41:ea:1d:9d:70:c3:29:9c:a1:d3:c5:5d:7d:
                    13:1e:52:48:f9:fc:ce:a8:12:fd:0e:87:3b:ff:e0:
                    11:0a:d3:c2:f9:42:8a:f1:4b:61:45:7a:fb:26:27:
                    3c:fc:db:bd:74:1f:71:b8:97:72:4b:ad:48:7e:cf:
                    7c:56:c0:3c:5b:90:c4:cb:92:3a:17:53:a2:3f:3f:
                    fb:09:60:85:35:7b:0b:e4:d0:72:7a:ae:37:5b:8b:
                    1a:6a:1a:0b:7b:ae:2e:ce:6a:be:31:a5:60:f4:c2:
                    25:60:cb:0d:c0:39:71:da:d0:05:f3:84:88:67:b2:
                    7f:af:61:9d:93:ff:b9:09:35:6c:6c:ee:64:5e:79:
                    32:4b:e6:6d:ec:07:49:ba:9a:1e:4c:ab:f1:d5:e9:
                    54:5f:50:c4:ae:2f:7a:fa:f6:55:6c:00:a0:6f:53:
                    f4:d2:a7:f7:af:69:5d:3e:44:00:c0:67:11:b1:52:
                    db:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:9E:C2:69:FF:BD:11:F2:4D:71:7B:DD:4C:18:49:ED:8C:C6:4C:22
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/OJ7Caf-9EfJNcXvdTBhJ7YzGTCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::-2a09:7c42:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:7c44::/30

    Signature Algorithm: sha256WithRSAEncryption
         36:bd:d8:7e:2f:e7:e1:01:d8:d8:de:8c:80:30:fb:42:dc:de:
         cd:8e:2b:10:05:cd:3e:6f:db:3d:e1:e1:d9:a1:1d:c1:7d:8f:
         1a:86:0a:de:c0:07:81:66:e0:90:5a:eb:e9:f3:d3:f6:cb:6f:
         ee:3f:02:f7:2a:09:04:a3:3c:1c:c7:92:e4:3e:28:77:29:18:
         0b:64:e7:21:34:e2:cc:22:3d:76:9b:96:82:a9:ad:58:04:c0:
         e5:2c:5b:7b:43:8c:4a:87:0b:05:44:d4:67:9e:4a:37:1d:2f:
         b3:3c:51:10:09:fa:30:0b:2c:9a:2f:f5:cb:d1:1b:28:5b:73:
         13:6c:b2:2f:6e:26:ff:0d:ff:a0:a0:11:13:96:e1:4b:4d:84:
         ae:24:76:8e:1f:eb:c3:21:f6:96:c4:81:91:ef:63:f0:2c:6b:
         23:15:d3:64:6e:85:98:9e:39:02:97:05:1d:59:91:96:c8:db:
         ff:54:d4:68:7e:f9:63:cb:67:d9:55:f3:b5:d4:9f:97:d2:59:
         4d:80:9d:2e:60:4d:6f:24:13:37:9c:8f:25:aa:ac:a4:b3:47:
         f2:19:5d:9b:ad:a7:9b:86:bf:1b:f8:b7:d5:b1:16:44:13:18:
         fb:8a:cd:47:47:21:ee:08:42:e1:9e:4f:17:2a:28:1f:45:74:
         42:c9:47:20
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYhEzVApkY7tz66LBKzr+fHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwNTIyMTg1MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODllYzI2OWZmYmQxMWYyNGQ3MTdiZGQ0YzE4NDllZDhjYzY0YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl6Ia4+3ylji9Gbn+l9KOnSk3pHg
ZqCw2wfbeIoPYL3GZHVF5DsGMgJIhN3RfNYN9J2n0He5of7PyypHTdCnXKBkae1t
x3mrT8K2sEHqHZ1wwymcodPFXX0THlJI+fzOqBL9Doc7/+ARCtPC+UKK8UthRXr7
Jic8/Nu9dB9xuJdyS61Ifs98VsA8W5DEy5I6F1OiPz/7CWCFNXsL5NByeq43W4sa
ahoLe64uzmq+MaVg9MIlYMsNwDlx2tAF84SIZ7J/r2Gdk/+5CTVsbO5kXnkyS+Zt
7AdJupoeTKvx1elUX1DEri96+vZVbACgb1P00qf3r2ldPkQAwGcRsVLbzwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDiewmn/vRHyTXF73UwYSe2MxkwiMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvT0o3Q2FmLTlFZkpOY1h2ZFRCaEo3WXpHVENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzA+BAIAATA4AwQCLUPkAwQC
LXiwAwQCSnfAMAwDBAJQXMwDBABQXM4DBAK58lQDBAK5+pQDBADBy8oDBADDlVcw
HQQCAAIwFzAOAwUGKgl8QAMFACoJfEIDBQIqCXxEMA0GCSqGSIb3DQEBCwUAA4IB
AQA2vdh+L+fhAdjY3oyAMPtC3N7NjisQBc0+b9s94eHZoR3BfY8ahgrewAeBZuCQ
Wuvp89P2y2/uPwL3KgkEozwcx5LkPih3KRgLZOchNOLMIj12m5aCqa1YBMDlLFt7
Q4xKhwsFRNRnnko3HS+zPFEQCfowCyyaL/XL0RsoW3MTbLIvbib/Df+goBETluFL
TYSuJHaOH+vDIfaWxIGR72PwLGsjFdNkboWYnjkClwUdWZGWyNv/VNRofvljy2fZ
VfO11J+X0llNgJ0uYE1vJBM3nI8lqqyks0fyGV2braebhr8b+LfVsRZEExj7is1H
RyHuCELhnk8XKigfRXRCyUcg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org